SKS Keyserver Network Under Attack

Alyssa Ross hi at
Tue Jul 2 00:43:18 CEST 2019

> And yes, hkps:// would fall over and die if too many
> users started using it. So cert poisoning will be an issue until there's
> a secure alternative.

Just as a point of interest, I've talked to the people running about their capacity in #hagrid, when we were exploring
whether to change the default keyserver in Nixpkgs' GnuPG[1] (which we
ended up doing).

The impression I got was that they're very optimistic about their
ability to handle traffic to their server -- they were happy to have a
distro make the switch, and will be changing the defaults in Enigmail
and OpenKeychain very soon, as I understand it.

It is a real shame that a decentralized Hagrid isn't really possible,
though, at least to my understanding. It's quite the limitation for

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <>

More information about the Gnupg-users mailing list